The Anti-Phishing Working Group (APWG) is the world’s largest international coalition fighting Internet crime with cooperation from industry, government and law-enforcement sectors, and NGO communities.
The APWG’s Co-Founder and Secretary-General, Peter Cassidy, is one of the world’s foremost experts in digital security and fighting cybercrime. Without a doubt one of the most illuminating and brilliant minds I’ve ever had the pleasure of connecting with in recent years.
In our 10-minute podcast, Peter opines as to why fighting abuse is important, his involvement in creating STOP. THINK. CONNECT. ™, what Job #1 should be for companies looking to improve their cybersecurity, and, if he could fix one thing on the Internet, what would it be?
We’re all back from our summer vacations and once again busy producing new video interviews and podcasts with a variety of industry experts for your viewing and listening pleasure in the upcoming weeks and months!
To that end, I spoke recently with Daniel Greenberg, who is the Director, CEO, and Founder of Lexsynergy, a UK-based domain management and online brand protection specialist registrar with additional offices in Ireland, the USA, South Africa, and Australia. Some in our industry refer to such registrars as “corporate registrars.”
I’ve known Daniel and his company for several years, and from conversations at various industry events was aware of their particular expertise in dealing with African TLDs. (e.g. .ml – Mali; .ga – Gabon). As we are receiving abuse reports from our sources for a select group of African TLDs, I thought it would be a good time to catch up with Daniel and get his take on the latest concerning Internet usage, brand and IP protection issues, and abuse in African TLDs.
Peter Cassidy, Co-Founder and Secretary-General at the Anti-Phishing Working Group (APWG), speaks with Pinky Brand, Senior Vice President at iQ. Read the extended interview with Peter at iq.global/blog.
Recorded: August 2021
I had the pleasure of speaking recently with Shaun Wilkinson, who is an industry friend and a customer (.cloud is a customer of iQ) regarding the development and brokering of premium domain name inventory from a registry operator point of view, specifically his experience as Head of Premium Names at .cloud, and how the pandemic and cloud computing sector is affecting naming trends.
Until we connected for this interview, I didn’t realize that Shaun speaks six languages! He is from England, lived in Italy, and now resides in Germany, and thus brings a European perspective to the new gTLD market.
Another interesting tidbit about Shaun: He founded and runs an official charity, the Hope Children’s Center, which supports and maintains schools in poor areas of Kenya. If you’ve attended domain or hosting industry events you’ve probably heard about it. However, in case you haven’t, we spend the last five minutes learning more about this wonderful cause.
In this video interview and podcast for iQ, I spoke with Elizabeth Behsudi about the recently published I&JPN Toolkit on Domain Name System (DNS) Level Action to Address Abuses.
This new resource intends to support domain name system operators in the design of their DNS abuse-related activities, notifiers in the detection and reporting of problematic activity within the DNS, as well as legislators, and law enforcement to determine procedures for dealing with different types of DNS Abuse.
I had the opportunity to learn more about all of this by speaking with Elizabeth Behsudi, who is the Director of the Domains & Jurisdiction Program, and Secretariat at the I&JPN. Please have a watch or a listen!
One of the brains behind iQ’s brand new and free iQ Abuse Report service is my good colleague LG Forsberg, our CTO at iQ. I put him in the spotlight for this discussion, and LG provided an overview of this service that is designed to allow anyone to gain daily insight into whether you or someone else has a problem with domain name abuse.
In this latest segment of the iQ video blog series, I conducted a wide ranging discussion with Carel Bitter, the Head of Data at Spamhaus. Carel is is part of the very fabric of The Spamhaus Project, having been with the organization for over a decade.
How is the Spamhaus Domain Block List (DBL) used?
How is the list compiled? How do you calculate it?
Comments on real data vs. fake data use trends.
Comments on measuring the effect of price vs. measuring # of abuse reports in new gTLDs vs. ccTLDs and legacy TLDs.
How can a TLD or registrar get off the “bad list”?
How can a registry, registrar, or registrant remove a specific name or bulk list of names from the DBL?
What about domains in the DBL where no evidence of spam is actually detected?
Any systematic way to provide a real time feedback loop on takedowns/serverHolds?
Why do some TLD or registrars suddendly appear and then disappear from the bad lists?
What about providing evidence? Is it possible to get email headers or other evidence with your reports?
What are some new attack vectors you are observing these days? What’s a “phishing rod” threat vs. a “phishing” threat?
I hope you find the inteview helpful to your operation. We all must continue to cooperate and share knowledge in the effort to fight DNS abuse.
For episode #4 of the iQ video blog series, we took a deeper dive into the world of managing domain name abuse with iQ’s resident expert and czar of managing domain name abuse for a variety of iQ clients, Mr. Steinar Grøtterød, officially Director of Registry Operations & Compliance at iQ.
I had the opportunity to get Steinar’s opinions on such matters as:
How can a registry or registrar reduce the amount of duplicative and non-actionable abuse reports?
How do you get off a blacklist or bad list?
Should there be evidence standards from the reputation/blacklist providers?
What’s up with ccTLDs and abuse?
Why do European ccTLD operators, registrars, and resellers need to start paying attention to the NIS2 Directive?
This marked my third interview conducted for the iQ video blog series. For this episode we took the subject matter in a different direction, posting my conversation with a rising businessperson in the domain name industry aftermarket segment, Mr. Mark Ghoriafi, who is the founder of MrPremium.com.
It’s no surprise that buying and selling premium domain names (via EPP or direct) represents a significant revenue opportunity for many registry operators, registrars, resellers, aftermarket sites, auction houses and third party brokers such as MrPremium.com.
Mark shares a few stories about his unusual entry experience into the domain name industry, and how he uses data and other assets to help him sell premium domain names. He also shares tips on which web tools and techniques he finds useful in his day to day outbound sales operation along with thoughts about social audio platforms’ (e.g. Clubhouse) impact on the industry to date.
Scamadviser.com checks 50,000 new domain names every day to determine the likelihood of being either legit or a possible scam. iQ Abuse Manager has integrated Scamadviser’s data into its abuse feed to make identification of malicious websites, faster, easier and facilitate take down processes more efficiently.
LG Forsberg, CTO of iQ explains why the cooperation with Scamadviser is unique: “Our abuse feed already includes a multitude of sources reporting on many types of malicious behaviour like phishing, malware, botnets and spam. However, the number of scams where consumers and businesses lose money to actors not delivering products or services or in other ways scam consumers of data or money is growing at an exponential rate. Scamadviser’s data is unique in that it can identify these kinds of cybercrime.”
Jorij Abraham, director of Scamadviser elaborates: “We are incredibly happy that iQ has integrated our data into its feed and abuse manager platform, helping more than 150 Internet infrastructure providers to keep the Internet safe. In this way our mission to protect consumers from being scammed is taking the next big step.”.
iQ is a SaaS, software, and consulting service provider for the domain name industry, working with over 150 different top-level domain names and domain name registrars, bringing them intelligence, automation, and access to expertise and experience. iQ Abuse Manager is a CRM-like abuse management system primarily for top-level domain name registries, registrars, and hosting companies. Every day the service performs more than 60 million scans to combat domain name abuse.
For questions regarding iQ and iQ Abuse Manager you can contact email@example.com
Scamadviser.com is used by over 2.5 million consumers every month to determine if a website is legitimate or a scam. Scamadviser’s data is also used by law enforcement, brand protection agencies, social media networks and security companies to fight online fraud. Scamadviser is an initiative of the Ecommerce Foundation.
This first week of February 2021 marks the beginning of a video blog series I’ll be producing for our company, iQ. We plan to feature experts sharing their stories and insight on relevant topics that many of us deal with in our day-to-tasks along with overarching topics facing the domain industry. And maybe we’ll share a refreshing beverage or two while we talk. Who knows where the conversation will go!
This first episode features a 20 minute interview with iQ’s CTO, Mr. “LG” Forsberg. If you’ve ever attended or wanted to attend Nordic Domain Days (LG’s the founder); want to hear what he has to say about challenges in trying to tackle domain name abuse and how iQ decides which abuse feeds/reputation block lists to integrate, then you may want to check out this video.
This is a work in progress so feedback is welcome. We expect to refine and improve it over time!